aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBBcan177 <bbcan177@gmail.com>2016-03-20 22:36:40 -0400
committerBBcan177 <bbcan177@gmail.com>2016-03-20 22:36:40 -0400
commit1b11e80090776ad4e870d280d8bea4ba305699df (patch)
tree03ceeb62a30a1a0140bcbe9693a1c29680690933
parent65ca269b35e0bd54c50fa6d9ff6fa4593273814b (diff)
downloadpfsense-packages-1b11e80090776ad4e870d280d8bea4ba305699df.tar.gz
pfsense-packages-1b11e80090776ad4e870d280d8bea4ba305699df.tar.bz2
pfsense-packages-1b11e80090776ad4e870d280d8bea4ba305699df.zip
Update pfblockerng_install.inc
* Add TLSv1.1 to cURL SSL Options * Upgrade existing 'Advanced Outbound Firewall Rules' variables to new variable format
-rw-r--r--config/pfblockerng/pfblockerng_install.inc55
1 files changed, 54 insertions, 1 deletions
diff --git a/config/pfblockerng/pfblockerng_install.inc b/config/pfblockerng/pfblockerng_install.inc
index 93599821..5fa23782 100644
--- a/config/pfblockerng/pfblockerng_install.inc
+++ b/config/pfblockerng/pfblockerng_install.inc
@@ -101,7 +101,7 @@ if (!file_exists("{$pfb['geoipshare']}/{$pfb['maxmind'][0]['file']}") ||
}
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/43.0.2357.65 Safari/537.36');
- curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1.2, TLSv1');
+ curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1.2, TLSv1.1, TLSv1');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true);
@@ -279,6 +279,59 @@ EOF;
update_static_output(" done.\n");
}
+
+// Upgrade - Adv. Inbound settings to new variable names.
+update_static_output("Upgrading Adv. Inbound firewall rule settings ...");
+$ufound = FALSE;
+$upgrade_type = array('pfblockernglistsv4', 'pfblockernglistsv6', 'pfblockerngdnsblsettings', 'pfblockerngafrica', 'pfblockerngantartica',
+ 'pfblockerngasia', 'pfblockerngeurope', 'pfblockerngnorthamerica', 'pfblockerngoceania', 'pfblockerngsouthamerica',
+ 'pfblockerngtopspammers', 'pfblockerngproxyandsatellite');
+
+foreach ($upgrade_type as $type) {
+ $conf_config = &$config['installedpackages'][$type]['config'];
+ if (isset($conf_config)) {
+ foreach ($conf_config as $key => $utype) {
+ if (isset($utype['autoports'])) {
+ $ufound = TRUE;
+ if ($utype['autoports'] == 'on' && !empty($utype['aliasports']) && !isset($conf_config[$key]['autoports_in'])) {
+ $conf_config[$key]['autoports_in'] = 'on';
+ $conf_config[$key]['aliasports_in'] = $utype['aliasports'];
+ }
+ unset($conf_config[$key]['autoports']);
+ unset($conf_config[$key]['aliasports']);
+ }
+ if (isset($utype['autodest'])) {
+ $ufound = TRUE;
+ if ($utype['autodest'] == 'on' && !empty($utype['aliasdest']) && !isset($conf_config[$key]['autoaddr_in'])) {
+ $conf_config[$key]['autoaddr_in'] = 'on';
+ $conf_config[$key]['aliasaddr_in'] = $utype['aliasdest'];
+ }
+ unset($conf_config[$key]['autodest']);
+ unset($conf_config[$key]['aliasdest']);
+ }
+ if (isset($utype['autonot'])) {
+ $ufound = TRUE;
+ if ($utype['autonot'] == 'on' && !isset($conf_config[$key]['autonot_in'])) {
+ $conf_config[$key]['autonot_in'] = $utype['autonot'];
+ }
+ unset($conf_config[$key]['autonot']);
+ }
+ if (isset($utype['autoproto'])) {
+ $ufound = TRUE;
+ $conf_config[$key]['autoproto_in'] = $utype['autoproto'];
+ unset($conf_config[$key]['autoproto']);
+ }
+ }
+ }
+}
+
+if ($ufound) {
+ write_config('pfBlockerNG: Upgrade Adv. Inbound Settings.');
+ update_static_output(" saving new changes ... done.\n");
+} else {
+ update_static_output(" no changes required ... done.\n");
+}
+
unset($g['pfblockerng_install']); // Remove 'Install flag'
update_static_output("Custom commands completed ... ");
return TRUE;